30b345133f15d0d8b724f1d8a32ebfdb0499e4b4b05e9c897285d4541fefd29d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-29_6fd332d413992f88f37114409ac9b592_cryptolocker
Size

65KB
Sample

240129-e7e91sbdhj
MD5

6fd332d413992f88f37114409ac9b592
SHA1

aeb8eafea68f1f5ffc24f0b70d087a76e8c087c5
SHA256

30b345133f15d0d8b724f1d8a32ebfdb0499e4b4b05e9c897285d4541fefd29d
SHA512

6831e6b4204c32f41e484a52efb625d3d15bf0bae986970c561e30e6efb8a7c54b7bebd2a9c1c311bf8e8eda76f58b60cd31b7dc0c057c978b92e74c2a0b0253
SSDEEP

1536:ZzFbxmLPWQMOtEvwDpj386Sj/WprgJN6tZdOyJ3hvLcbVP:ZVxkGOtEvwDpjcawl

Score

10^/10

Malware Config

Targets

- Target
  
  2024-01-29_6fd332d413992f88f37114409ac9b592_cryptolocker
- Size
  
  65KB
- MD5
  
  6fd332d413992f88f37114409ac9b592
- SHA1
  
  aeb8eafea68f1f5ffc24f0b70d087a76e8c087c5
- SHA256
  
  30b345133f15d0d8b724f1d8a32ebfdb0499e4b4b05e9c897285d4541fefd29d
- SHA512
  
  6831e6b4204c32f41e484a52efb625d3d15bf0bae986970c561e30e6efb8a7c54b7bebd2a9c1c311bf8e8eda76f58b60cd31b7dc0c057c978b92e74c2a0b0253
- SSDEEP
  
  1536:ZzFbxmLPWQMOtEvwDpj386Sj/WprgJN6tZdOyJ3hvLcbVP:ZVxkGOtEvwDpjcawl
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2